storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/dockerscripts/docker-entrypoint.sh (about) 1 #!/bin/sh 2 # 3 # MinIO Cloud Storage, (C) 2019 MinIO, Inc. 4 # 5 # Licensed under the Apache License, Version 2.0 (the "License"); 6 # you may not use this file except in compliance with the License. 7 # You may obtain a copy of the License at 8 # 9 # http://www.apache.org/licenses/LICENSE-2.0 10 # 11 # Unless required by applicable law or agreed to in writing, software 12 # distributed under the License is distributed on an "AS IS" BASIS, 13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 # See the License for the specific language governing permissions and 15 # limitations under the License. 16 # 17 18 # If command starts with an option, prepend minio. 19 if [ "${1}" != "minio" ]; then 20 if [ -n "${1}" ]; then 21 set -- minio "$@" 22 fi 23 fi 24 25 ## Look for docker secrets at given absolute path or in default documented location. 26 docker_secrets_env_old() { 27 if [ -f "$MINIO_ACCESS_KEY_FILE" ]; then 28 ACCESS_KEY_FILE="$MINIO_ACCESS_KEY_FILE" 29 else 30 ACCESS_KEY_FILE="/run/secrets/$MINIO_ACCESS_KEY_FILE" 31 fi 32 if [ -f "$MINIO_SECRET_KEY_FILE" ]; then 33 SECRET_KEY_FILE="$MINIO_SECRET_KEY_FILE" 34 else 35 SECRET_KEY_FILE="/run/secrets/$MINIO_SECRET_KEY_FILE" 36 fi 37 38 if [ -f "$ACCESS_KEY_FILE" ] && [ -f "$SECRET_KEY_FILE" ]; then 39 if [ -f "$ACCESS_KEY_FILE" ]; then 40 MINIO_ACCESS_KEY="$(cat "$ACCESS_KEY_FILE")" 41 export MINIO_ACCESS_KEY 42 fi 43 if [ -f "$SECRET_KEY_FILE" ]; then 44 MINIO_SECRET_KEY="$(cat "$SECRET_KEY_FILE")" 45 export MINIO_SECRET_KEY 46 fi 47 fi 48 } 49 50 docker_secrets_env() { 51 if [ -f "$MINIO_ROOT_USER_FILE" ]; then 52 ROOT_USER_FILE="$MINIO_ROOT_USER_FILE" 53 else 54 ROOT_USER_FILE="/run/secrets/$MINIO_ROOT_USER_FILE" 55 fi 56 if [ -f "$MINIO_ROOT_PASSWORD_FILE" ]; then 57 SECRET_KEY_FILE="$MINIO_ROOT_PASSWORD_FILE" 58 else 59 SECRET_KEY_FILE="/run/secrets/$MINIO_ROOT_PASSWORD_FILE" 60 fi 61 62 if [ -f "$ROOT_USER_FILE" ] && [ -f "$SECRET_KEY_FILE" ]; then 63 if [ -f "$ROOT_USER_FILE" ]; then 64 MINIO_ROOT_USER="$(cat "$ROOT_USER_FILE")" 65 export MINIO_ROOT_USER 66 fi 67 if [ -f "$SECRET_KEY_FILE" ]; then 68 MINIO_ROOT_PASSWORD="$(cat "$SECRET_KEY_FILE")" 69 export MINIO_ROOT_PASSWORD 70 fi 71 fi 72 } 73 74 ## Set KMS_MASTER_KEY from docker secrets if provided 75 docker_kms_encryption_env() { 76 if [ -f "$MINIO_KMS_SECRET_KEY_FILE" ]; then 77 KMS_SECRET_KEY_FILE="$MINIO_KMS_SECRET_KEY_FILE" 78 else 79 KMS_SECRET_KEY_FILE="/run/secrets/$MINIO_KMS_SECRET_KEY_FILE" 80 fi 81 82 if [ -f "$KMS_SECRET_KEY_FILE" ]; then 83 MINIO_KMS_SECRET_KEY="$(cat "$KMS_SECRET_KEY_FILE")" 84 export MINIO_KMS_SECRET_KEY 85 fi 86 } 87 88 ## Legacy 89 ## Set SSE_MASTER_KEY from docker secrets if provided 90 docker_sse_encryption_env() { 91 KMS_SECRET_KEY_FILE="/run/secrets/$MINIO_KMS_MASTER_KEY_FILE" 92 93 if [ -f "$KMS_SECRET_KEY_FILE" ]; then 94 MINIO_KMS_SECRET_KEY="$(cat "$KMS_SECRET_KEY_FILE")" 95 export MINIO_KMS_SECRET_KEY 96 fi 97 } 98 99 # su-exec to requested user, if service cannot run exec will fail. 100 docker_switch_user() { 101 if [ ! -z "${MINIO_USERNAME}" ] && [ ! -z "${MINIO_GROUPNAME}" ]; then 102 if [ ! -z "${MINIO_UID}" ] && [ ! -z "${MINIO_GID}" ]; then 103 groupadd -g "$MINIO_GID" "$MINIO_GROUPNAME" && \ 104 useradd -u "$MINIO_UID" -g "$MINIO_GROUPNAME" "$MINIO_USERNAME" 105 else 106 groupadd "$MINIO_GROUPNAME" && \ 107 useradd -g "$MINIO_GROUPNAME" "$MINIO_USERNAME" 108 fi 109 exec setpriv --reuid="${MINIO_USERNAME}" --regid="${MINIO_GROUPNAME}" --keep-groups "$@" 110 else 111 exec "$@" 112 fi 113 } 114 115 ## Set access env from secrets if necessary. 116 docker_secrets_env_old 117 118 ## Set access env from secrets if necessary. 119 docker_secrets_env 120 121 ## Set kms encryption from secrets if necessary. 122 docker_kms_encryption_env 123 124 ## Set sse encryption from secrets if necessary. Legacy 125 docker_sse_encryption_env 126 127 ## Switch to user if applicable. 128 docker_switch_user "$@"